Announcement
Collapse
No announcement yet.
Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability
Collapse
X
-
Originally posted by cybertraveler View PostMissing a "/s"?
Torvalds would reject AND shout profanities at anyone that tries sending what you were worried about, and the other top-level maintainers (and probably also other maintainers as well) will also reject it because that would be an ugly hack.
If they were allowing these shitty practices at all, the kernel would have become a bloody mess a while ago.
- Likes 1
Leave a comment:
-
Originally posted by Ray54 View PostI do not understand why sound drivers need protecting against Spectre, etc. I do not think that sound drivers use passwords and I assume that this does not protect audio recordings made with the sound hardware. Could someone please say where the risk is with sound drivers?
- Likes 1
Leave a comment:
-
Originally posted by starshipeleven View PostYour lack of faith in kernel devs is disturbing. Repent asap or face the consequences of your sin.
Originally posted by starshipeleven View PostThe function used here for mitigating speculative vulnerabilities (Spectre) is into ifdefs (conditional macro code) and enabled/disabled with _LINUX_NOSPEC_H config. It's also sitting in its own file called "nospec.h", and there is a text file in the docs to explain what is this about https://github.com/torvalds/linux/bl...peculation.txt
Most other stuff about speculative vulnerability follows the same criteria, and it usually contains "nospec" in the name. https://github.com/torvalds/linux/se...q=nospec&type=
Note that commenting may not be very verbose as you can look up the git history of the file with all the commits to it and the descriptions from there.
- Likes 1
Leave a comment:
-
Originally posted by cybertraveler View PostI wonder if the kernel source code is now littered with code designed to mitigate these issues. I hope that they're making decent use of conditional macro code chunks so they can easily disable this stuff in the future. I hope they're commenting their changes well too.
The function used here for mitigating speculative vulnerabilities (Spectre) is into ifdefs (conditional macro code) and enabled/disabled with _LINUX_NOSPEC_H config. It's also sitting in its own file called "nospec.h", and there is a text file in the docs to explain what is this about https://github.com/torvalds/linux/bl...peculation.txt
Most other stuff about speculative vulnerability follows the same criteria, and it usually contains "nospec" in the name. https://github.com/torvalds/linux/se...q=nospec&type=
Note that commenting may not be very verbose as you can look up the git history of the file with all the commits to it and the descriptions from there.
- Likes 14
Leave a comment:
-
It looks like the Spectre / Meltdown speculative execution flaw fun isn't over yet! 8 new security vulnerabilities found in Intel processors. Xorg server security is beginning to look like an armed fortress in comparison to CPUs.
https://www.neowin.net/news/more-flaws-discovered-in-intel-chips---some-serious-expect-patches-soon
- Likes 6
Leave a comment:
-
I wonder if the kernel source code is now littered with code designed to mitigate these issues. I hope that they're making decent use of conditional macro code chunks so they can easily disable this stuff in the future. I hope they're commenting their changes well too.
- Likes 2
Leave a comment:
-
Originally posted by Ray54 View PostI do not understand why sound drivers need protecting against Spectre, etc. I do not think that sound drivers use passwords and I assume that this does not protect audio recordings made with the sound hardware. Could someone please say where the risk is with sound drivers?
One of the things done by the kernel is segregating applications in RAM, denying them access to areas of RAM that is allocated by something else (or by the kernel for itself). The ability to break this segregation is bad.
To exploit this you would need to craft malware that interacts with these drivers, as explained by pali above.
- Likes 6
Leave a comment:
Leave a comment: